@middy/sts 5.1.0 → 5.2.1

Files changed (2)
  1. package/index.js +80 -56
  2. package/package.json +4 -4
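--- a/package/index.js
+++ b/package/index.js
@@ -1,59 +1,83 @@
- import { canPrefetch, createPrefetchClient, createClient, getCache, getInternal, processCache, modifyCache } from '@middy/util';
- import { STSClient, AssumeRoleCommand } from '@aws-sdk/client-sts';
+ import {
+ canPrefetch,
+ createPrefetchClient,
+ createClient,
+ getCache,
+ getInternal,
+ processCache,
+ modifyCache,
+ catchInvalidSignatureException
+ } from '@middy/util'
+ import { STSClient, AssumeRoleCommand } from '@aws-sdk/client-sts'
+
  const defaults = {
- AwsClient: STSClient,
- awsClientOptions: {},
- awsClientCapture: undefined,
- fetchData: {},
- disablePrefetch: false,
- cacheKey: 'sts',
- cacheKeyExpiry: {},
- cacheExpiry: -1,
- setToContext: false
- };
- const stsMiddleware = (opts = {})=>{
- const options = {
- ...defaults,
- ...opts
- };
- const fetch = (request, cachedValues = {})=>{
- const values = {};
- for (const internalKey of Object.keys(options.fetchData)){
- if (cachedValues[internalKey]) continue;
- const assumeRoleOptions = options.fetchData[internalKey];
- assumeRoleOptions.RoleSessionName ??= 'middy-sts-session-' + Math.ceil(Math.random() * 99999);
- values[internalKey] = client.send(new AssumeRoleCommand(assumeRoleOptions)).then((resp)=>({
- accessKeyId: resp.Credentials.AccessKeyId,
- secretAccessKey: resp.Credentials.SecretAccessKey,
- sessionToken: resp.Credentials.SessionToken
- })).catch((e)=>{
- const value = getCache(options.cacheKey).value ?? {};
- value[internalKey] = undefined;
- modifyCache(options.cacheKey, value);
- throw e;
- });
- }
- return values;
- };
- let client;
- if (canPrefetch(options)) {
- client = createPrefetchClient(options);
- processCache(options, fetch);
+ AwsClient: STSClient,
+ awsClientOptions: {},
+ // awsClientAssumeRole: undefined, // Not Applicable, as this is the middleware that defines the roles
+ awsClientCapture: undefined,
+ fetchData: {}, // { contextKey: {RoleArn, RoleSessionName} }
+ disablePrefetch: false,
+ cacheKey: 'sts',
+ cacheKeyExpiry: {},
+ cacheExpiry: -1,
+ setToContext: false
+ }
+
+ const stsMiddleware = (opts = {}) => {
+ const options = { ...defaults, ...opts }
+
+ const fetch = (request, cachedValues = {}) => {
+ const values = {}
+
+ for (const internalKey of Object.keys(options.fetchData)) {
+ if (cachedValues[internalKey]) continue
+ const assumeRoleOptions = options.fetchData[internalKey]
+ // Date cannot be used here to assign default session name, possibility of collision when > 1 role defined
+ assumeRoleOptions.RoleSessionName ??=
+ 'middy-sts-session-' + Math.ceil(Math.random() * 99999)
+ const command = new AssumeRoleCommand(assumeRoleOptions)
+ values[internalKey] = client
+ .send(command)
+ .catch((e) => catchInvalidSignatureException(e, client, command))
+ .then((resp) => ({
+ accessKeyId: resp.Credentials.AccessKeyId,
+ secretAccessKey: resp.Credentials.SecretAccessKey,
+ sessionToken: resp.Credentials.SessionToken
+ }))
+ .catch((e) => {
+ const value = getCache(options.cacheKey).value ?? {}
+ value[internalKey] = undefined
+ modifyCache(options.cacheKey, value)
+ throw e
+ })
+ }
+
+ return values
+ }
+
+ let client
+ if (canPrefetch(options)) {
+ client = createPrefetchClient(options)
+ processCache(options, fetch)
+ }
+
+ const stsMiddlewareBefore = async (request) => {
+ if (!client) {
+ client = await createClient(options, request)
+ }
+
+ const { value } = processCache(options, fetch, request)
+
+ Object.assign(request.internal, value)
+
+ if (options.setToContext) {
+ const data = await getInternal(Object.keys(options.fetchData), request)
+ if (options.setToContext) Object.assign(request.context, data)
  }
- const stsMiddlewareBefore = async (request)=>{
- if (!client) {
- client = await createClient(options, request);
- }
- const { value } = processCache(options, fetch, request);
- Object.assign(request.internal, value);
- if (options.setToContext) {
- const data = await getInternal(Object.keys(options.fetchData), request);
- if (options.setToContext) Object.assign(request.context, data);
- }
- };
- return {
- before: stsMiddlewareBefore
- };
- };
- export default stsMiddleware;
+ }
 
+ return {
+ before: stsMiddlewareBefore
+ }
+ }
+ export default stsMiddleware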
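Review bot: The default `RoleSessionName` in `fetch` is still drawn from `Math.ceil(Math.random() * 99999)` and written back into `options.fetchData[internalKey]` by `??=`, so one value out of roughly 10^5 is picked once and then reused for every later AssumeRole call made with that options object. The comment added above it is already concerned with collisions, and concurrent instances can land on the same name, which makes their assumed-role sessions harder to tell apart in CloudTrail. I would copy the entry and widen the identifier: `const assumeRoleOptions = { ...options.fetchData[internalKey] }` followed by `assumeRoleOptions.RoleSessionName ??= 'middy-sts-session-' + randomUUID()`, with `randomUUID` imported from `node:crypto`; the result stays within the 64-character session-name limit. If keeping one name per middleware instance is intended, a comment saying so next to the `??=` would settle it. The behaviour predates this version bump, but the new side keeps it unchanged.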
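--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@middy/sts",
- "version": "5.1.0",
+ "version": "5.2.1",
  "description": "STS (Security Token Service) credentials middleware for the middy framework",
  "type": "module",
  "engines": {
@@ -60,13 +60,13 @@
  "url": "https://github.com/sponsors/willfarrell"
  },
  "dependencies": {
- "@middy/util": "5.1.0"
+ "@middy/util": "5.2.1"
  },
  "devDependencies": {
  "@aws-sdk/client-sts": "^3.0.0",
- "@middy/core": "5.1.0",
+ "@middy/core": "5.2.1",
  "@types/aws-lambda": "^8.10.101",
  "aws-xray-sdk": "^3.3.3"
  },
- "gitHead": "bbdaf5843914921804ba085dd58117273febe6b5"
+ "gitHead": "4d55da221b9165b4b3e59a12632fd40a149a1e92"
  }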